PortalApp places user credentials under the web root with insufficient access control, which allows remote attackers to gain access to sensitive information via a direct request to 8275.mdb.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Portalapp |
Iatek |
* |
* |
References